nV News Forums

 
 

nV News Forums (http://www.nvnews.net/vbulletin/index.php)
-   NVIDIA Linux (http://www.nvnews.net/vbulletin/forumdisplay.php?f=14)
-   -   Security Vulnerability CVE-2012-0946 in the NVIDIA UNIX driver (http://www.nvnews.net/vbulletin/showthread.php?t=178006)

danix 04-11-12 09:15 AM

Security Vulnerability CVE-2012-0946 in the NVIDIA UNIX driver
 
A security vulnerability in the NVIDIA UNIX driver has been closed with the latest driver release, 295.40. Details about the vulnerability are available at: http://nvidia.custhelp.com/app/answers/detail/a_id/3109

Because the vulnerability makes it possible for attackers with read/write access to the GPU device nodes to access arbitrary system memory, NVIDIA recommends that users of the NVIDIA Linux, Solaris, and FreeBSD drivers with GeForce 8 or newer, G80 Quadro or newer, or any Tesla GPU update their drivers to version 295.40 or later.

For users of the NVIDIA Linux driver who need to continue using older drivers, a patch is available which closes the vulnerability. The patch is not necessary on 295.40 or later, which already includes the security fix. The patch, and instructions on how to apply it, are available at ftp://download.nvidia.com/XFree86/pa.../CVE-2012-0946

Users of the Linux CUDA debugger should note that an updated CUDA library is needed to maintain driver compatibility with the CUDA debugger after the security vulnerability has been closed. The 295.40 driver includes an updated CUDA library and is compatible with the CUDA debugger. The CUDA debugger will not work on an older driver which has had the security patch applied.


All times are GMT -5. The time now is 11:25 AM.

Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 1998 - 2014, nV News.